Microsoft's four promises to keep our data safe in the cloud

In a lengthy, rambling blog post, Microsoft President Brad Smith explains how what has happened in relation to security over the past year is shaping the company's attitude to the cloud. He says that "it's time to rebuild the world's faith in the technology that empowers us all".

He takes a while to get to the point, meandering slowly around anecdotes about Windows 10, Edward Snowden, terrorist attacks in Paris, hacking, and governmental desires to weaken encryption. He says that these and other events "show it's crucial to have a conversation about worldwide information security".

Smith makes the point that it can be difficult to comply with the differing data storage and security laws around the world. Despite this, he wants Microsoft to be a voice for the people as well as standing up for the right of governments and businesses. The new Microsoft is all about the cloud ("mobile first, cloud first" as we have been told ad nauseum) after all.

Smith says that Microsoft has been inspired by the events of the last twelve months, including the Sony hack, the continued revelations from Edward Snowden, and the Charlie Hebdo attack in France. He also makes four promises to "governments, enterprises, consumers, and people around the world":

We will keep their data secure.

We will ensure people's data is private and under their control.

We will figure out the laws in each country and make sure data is managed accordingly.

And we will be transparent so people know what we are doing.

He goes on to explain what Microsoft will do for businesses:

We stand behind our technology with contracts to ensure we have strong and specific security safeguards. We process customers' information only as they instruct us, and we put in place strong regulatory compliance to meet their needs. We will tell them, whenever we're permitted, what the government is doing to access their data, and if we need to we'll go to court to vindicate those rights when that's the proper thing to do. Finally, we will continue to advance transparency.

Smith's post is worth a visit for a couple of reasons. Wade through the self-congratulatory guff, and there are some interesting stats about the legal processes Microsoft has gone through, and some great info about what has been happening for the last year, and how different countries approach data and security requirements.